Disclaimer

Details

Strong authentication through one time password for Novell Access Manager 3

NordicEdge One Time Password Server  adds extra security to protect your applications. When the user ID and password is successfully verified, a one time password is sent to the user?s mobile phone through SMS (Short Message Services). This one time password will be verified and if it?s correct the user will be authenticated to the application.

How it works

If the username and password is verified correctly by the standard Novell Access Manager 3 password control the information is sent to the NordicEdge One Time Password plug-in. The plug-in will read the user attribute that contains the mobile phone number from the Novell Access Manager 3 associated database. Any attribute can be used.

A request is then sent to the NordicEdge OTP Server to create and send a one time password through SMS (Short Message Services) to the user?s mobile phone.

If the one time password was successfully sent, the NordicEdge OTP Server sends a notification back to the identity server to go on to the next step.

The user receives the one time password to his/hers mobile phone:

The NordicEdge One Time Password plug-in for Novell Access Manager 3 now prompts the user for the one time password:

The user enters the one time password and the plug-in will send it to the OTP Server. This one time password will be verified and the user will be authenticated to the application.

Requirements

NordicEdge One Time Server. This is a pure Java application that runs on any Java 1.4 compliant platform including Novell Netware / OES.